Photo of Tracy P. Marshall

Partner at Keller and Heckman LLP

Washington, DC

marshall@khlaw.com


To learn more about Tracy's practice areas, click here.

You might think that paying more than $9 million to settle charges of violating the Federal Trade Commission’s (FTC) Mail Order Rule would have spurred clothing retailer Fashion Nova, LLC to review its consumer protection compliance posture. But for the second time in two years, Fashion Nova has found itself in trouble with the FTC,

Children’s Online Privacy Protection Act (COPPA) enforcement actions closed out 2021 (see our blog post) and children’s online privacy remains a hot topic in Congress in 2022. After a series of articles by The Wall Street Journal last September uncovered Instagram’s own research on possible harms to teenagers from social media engagement, members of the

Two important settlements involving alleged violations of the Children’s Online Privacy Protection Act (COPPA) were announced in December 2021. Actions by both federal and state regulators reinforce that COPPA remains on the regulatory radar screen, particularly when it comes to ad tech. Efforts to more broadly limit programmatic advertising are also underway.

FTC and OpenX

In the absence of a comprehensive U.S. federal privacy law, three states – California, Virginia, and Colorado – have enacted comprehensive privacy laws as of this year. The California Consumer Privacy Act (CCPA) is in effect now, and the California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), and Colorado Privacy Act (CPA)

“Dark patterns” – user interfaces that are designed, intentionally or unintentionally, to influence user decision making – have been increasingly on the Federal Trade Commission’s (FTC or Commission) radar. As we previously reported, the FTC held a workshop earlier this year to examine, among other things, how dark patterns affect online user behavior and

The newly established California Privacy Protection Agency (the Agency) is soliciting public comments on a number of issues, as required by the California Privacy Rights Act (CPRA) that was passed by ballot initiative in November 2020. CPRA expands the rights afforded to California residents and the obligations imposed on businesses under the California Consumer Privacy

With millions of Internet of Things (IoT) devices from phones to smart home censors flooding the market every year, effective cybersecurity to help mitigate risks to devices is vital. New guidance from The National Institute of Standards and Technology (NIST), IoT Non-Technical Supporting Capability Core Baseline (NISTIR 8259B), is intended to help manufacturers identify the